Re: fixed ipv6 address with DHCPv6

From: Pavel Simerda <psimerda redhat com>
To: Gene Czarcinski <gene czarc net>
Cc: networkmanager-list gnome org
Subject: Re: fixed ipv6 address with DHCPv6
Date: Fri, 8 Feb 2013 12:20:10 -0500 (EST)

----- Original Message -----
> From: "Gene Czarcinski" <gene czarc net>
> For some time I have been having a problem attempting to have a
> dnsmasq
> server provide a system with a fixed IPv6 address.  Setting an IPv4
> address and identifying the system with its NIC's MAC address.  But,
> with DHCPv6 there is no relationship defined in the standard for
> DHCPv6 to use the MAC.

Correct. It's replaced with UUID.

> I tried using the system's name but that has not proven reliable.
> When
> the system and the dnsmasq server get "out of sync", it takes manual
> intervention to correct things.  When things do work, it works fine.

System's name is generally considered unreliable due to possible collisions.

> I looked into using the Client-ID but that "number" is based on the
> MAC plus time and will vary unpredictably.

This has been already fixed by dcbw after long talks with me and cyphermox.

> Suddenly (like yesterday) I found what appears to be the solution and
> it is likely to have been there for some time.  By default, dhclient
> will use LLT (Link-Layer plus Time) to define its DUID (Client-ID).

We are switching to DUID-UUID from /etc/machine-id reportedly required by D-Bus (even though I can't image any reason as D-Bus is not commonly used over the network).

> But, there is an command-line override which can change this to LL
> (Link-Layer) which uses the MAC prepended with 0:3:0:1.

This was the solution I originally proposed but...

1) It has some drawbacks.

2) You don't need it for normal operation. DUID-LLT saved in a disk file is stable enough for day-to-day operation. This has been solved by cyphermox even before we switched to machine-id.

> The important info is here:
> http://tools.ietf.org/html/rfc3315#section-9.4

See:

* http://tools.ietf.org/html/rfc6355 for the DUID-UUID (in the form of /etc/machine-id).
* https://bugzilla.gnome.org/show_bug.cgi?id=691885

> Also examine the dhclient man age and scroll down to "*-D*/ LL or
> LLT/"

I admit that DUID-LL is still better than non-stored DUID-LLT but DUID-UUID proves to be a better match that the two of those. If you have specific needs, you can still override the DUID manually.

> I then did a quick (two line) patch to NetworkManage
> [src/dhcp-manager/nm-dhcp-dhclient.c] to hardcode the addition of
> "-D",
> "LL" to the command-line if it is "-6".  It works as advertised.

Thanks for your effort but unless there's a very good reason to use DUID-LL, we're not going to do that (but you can still override the actual DUID e.g. by a script).

> While this works for me, I do not propose that this be the solution
> in NetworkManager.  Instead, I propose that the default remain the same
> and a new configuration file parameter be added: DUID= which will have
> only two valid values: LL or LLT.

As UUID is now the default, this proposal is obsolete. 

> If DUID= is not specified then the default is LLT.
> 
> Once this is accepted and part of NetworkManager, I will update
> network-manager-applet so the the DUID value can be specified when
> defining an IPv6 interface.  Initially, editing the configuration
> file should be adequate.

Do you have any questions or arguments for still supporting DUID-LL when we have DUID-UUID?

Cheers,

Pavel

Follow-Ups:
- Re: fixed ipv6 address with DHCPv6
  - From: Gene Czarcinski

References:
- fixed ipv6 address with DHCPv6
  - From: Gene Czarcinski

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]